Convert memset calls to OPENSSL_cleanse

to securely erase sensitive keys values from memory.
ghostlander · Sep 23, 2021 · aba816b · aba816b
1 parent 8b02775
commit aba816b
Showing 1 changed file with 22 additions and 22 deletions.
diff --git a/src/db.h b/src/db.h
@@ -131,23 +131,23 @@ class CDB
         Dbt datValue;
         datValue.set_flags(DB_DBT_MALLOC);
         int ret = pdb->get(activeTxn, &datKey, &datValue, 0);
-        memset(datKey.get_data(), 0, datKey.get_size());
-        if (datValue.get_data() == NULL)
-            return false;
-
-        // Unserialize value
-        try {
-            CDataStream ssValue((char*)datValue.get_data(), (char*)datValue.get_data() + datValue.get_size(), SER_DISK, CLIENT_VERSION);
-            ssValue >> value;
-        }
-        catch (std::exception &e) {
-            return false;
+        OPENSSL_cleanse(datKey.get_data(), datKey.get_size());
+        bool success = false;
+        if (datValue.get_data() != nullptr) {
+            // Unserialize value
+            try {
+                CDataStream ssValue((char*)datValue.get_data(), (char*)datValue.get_data() + datValue.get_size(), SER_DISK, CLIENT_VERSION);
+                ssValue >> value;
+                success = true;
+            } catch (const std::exception&) {
+                // In this case success remains 'false'
+            }
+
+            // Clear and free memory
+            OPENSSL_cleanse(datValue.get_data(), datValue.get_size());
+            free(datValue.get_data());
         }
-
-        // Clear and free memory
-        memset(datValue.get_data(), 0, datValue.get_size());
-        free(datValue.get_data());
-        return (ret == 0);
+        return(ret == 0 && success);
     }
 
     template<typename K, typename T>
@@ -174,8 +174,8 @@ class CDB
         int ret = pdb->put(activeTxn, &datKey, &datValue, (fOverwrite ? 0 : DB_NOOVERWRITE));
 
         // Clear memory in case it was a private key
-        memset(datKey.get_data(), 0, datKey.get_size());
-        memset(datValue.get_data(), 0, datValue.get_size());
+        OPENSSL_cleanse(datKey.get_data(), datKey.get_size());
+        OPENSSL_cleanse(datValue.get_data(), datValue.get_size());
         return (ret == 0);
     }
 
@@ -197,7 +197,7 @@ class CDB
         int ret = pdb->del(activeTxn, &datKey, 0);
 
         // Clear memory
-        memset(datKey.get_data(), 0, datKey.get_size());
+        OPENSSL_cleanse(datKey.get_data(), datKey.get_size());
         return (ret == 0 || ret == DB_NOTFOUND);
     }
 
@@ -217,7 +217,7 @@ class CDB
         int ret = pdb->exists(activeTxn, &datKey, 0);
 
         // Clear memory
-        memset(datKey.get_data(), 0, datKey.get_size());
+        OPENSSL_cleanse(datKey.get_data(), datKey.get_size());
         return (ret == 0);
     }
 
@@ -264,8 +264,8 @@ class CDB
         ssValue.write((char*)datValue.get_data(), datValue.get_size());
 
         // Clear and free memory
-        memset(datKey.get_data(), 0, datKey.get_size());
-        memset(datValue.get_data(), 0, datValue.get_size());
+        OPENSSL_cleanse(datKey.get_data(), datKey.get_size());
+        OPENSSL_cleanse(datValue.get_data(), datValue.get_size());
         free(datKey.get_data());
         free(datValue.get_data());
         return 0;